AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 

1. (Currently amended) A method for facilitating access to a plurality of 
applications that require passwords, comprising: 

receiving a request for a password from an application running on a
remote computer system, the request being received at a local computer system,
wherein the request for the password includes computer code that when run on the
local computer system requests the password on behalf of the application on the
remote computer system;

authenticating the request as originating from a trusted source, wherein
authenticating the request involves authenticating the remote computer system
that sent the request by verifying a digital signature and certificate chain for the
remote computer system, thereby determining if the node is authorized to access
the application;

using an identifier for the application to look up the password for the 
application in a password store containing a plurality of passwords associated with 
the plurality of applications, wherein the plurality of passwords allows a different 
password to be used with each application of the plurality of applications; and 

if the password exists in the password store, sending the password or a
function of the password to the application on the remote computer system;

receiving a second request to change the password from the application on
the remote computer system;

automatically generating a replacement password;

storing the replacement password in the password store; and

forwarding the replacement password or the password function to the
application on the remote computer system.



2. (Cancelled)

3. (Currently amended) The method of claim 1 claim 56, wherein the
computer code is in the form of a platform-independent applet that runs on a
platform-independent virtual machine on the local computer system.

4. (Previously presented) The method of claim 3, wherein sending the
password or the function of the password to the application to the remote
computer system involves:

communicating the password to the platform-independent applet; and

allowing the platform-independent applet to forward the password to the
application on the remote computer system.

5. (Previously presented) The method of claim 3, wherein the
platform-independent applet is a signed platform-independent applet, and wherein
authenticating the request includes authenticating the platform-independent
applet's certificate chain.

6. (Original) The method of claim 1, wherein authenticating the request
involves authenticating a creator of the request.

7 (Canceled).

8. (Original) The method of claim 1, further comprising, if the password
store is being accessed for the first time, 

prompting a user for a single sign on password for the password store; and 
using the single sign on password to open the password store. 

9. (Original) The method of claim 8, wherein if a time out period for the 
password store expires, 

prompting the user again for the single sign on password for the password 
store; and 

using the single sign on password to open the password store. 

10. (Previously presented) The method of claim 1, wherein if the password 
store is being accessed for the first time, the method further comprises 
authenticating the user through an authentication mechanism, wherein the 
authentication mechanism includes one of: 

a smart card; 

a biometric authentication mechanism; and 
a public key infrastructure. 

11. (Original) The method of claim 1, wherein if the password does not
exist in the password store, the method further comprises: 

adding the password to the password store; and 

sending the password to the application on the remote computer system. 

12. (Original) The method of claim 11, wherein adding the password to the 
password store further comprises automatically generating the password. 



FC V:\Oracle Corporation\OR99\OR99- 1 750 1 \Amendment D 0R99- 1 750 1 .doc 



13. (Original) The method of claim 11, wherein adding the password to the
password store further comprises asking a user to provide the password. 

14. (Original) The method of claim 1, further comprising decrypting data 
in the password store prior to looking up the password in the password store. 

15. (Original) The method of claim 1, wherein the password store is 
located on a second remote computer system. 

16. (Previously presented) The method of claim 1, wherein the password 
store is located on one of: 

a local smart card; 

a removable storage medium; and 

a memory button. 

17. (Canceled). 

18. (Currently amended) A computer-readable storage medium storing 
instructions that when executed by a computer cause the computer to perform a 
method for facilitating access to a plurality of applications that require passwords, 
the method comprising: 

receiving a request for a password from an application running on a
remote computer system, the request being received at a local computer system,
wherein the request for the password includes computer code that when run on the
local computer system requests the password on behalf of the application on the
remote computer system;

authenticating the request as originating from a trusted source, wherein
authenticating the request involves authenticating the remote computer system
that sent the request by verifying a digital signature and certificate chain for the
remote computer system, thereby determining if the node is authorized to access
the application;

using an identifier for the application to look up the password for the
application in a password store containing a plurality of passwords associated with
the plurality of applications, wherein the plurality of passwords allows a different
password to be used with each application of the plurality of applications; and

if the password exists in the password store, sending the password or a
function of the password to the application on the remote computer system;

receiving a second request to change the password from the application on
the remote computer system;

automatically generating a replacement password;

storing the replacement password in the password store; and

forwarding the replacement password or the password function to the
application on the remote computer system.

19. (Cancelled)



20. (Currently amended) The computer-readable storage medium of claim
18 claim 57, wherein the computer code is in the form of a platform-independent
applet that runs on a platform-independent virtual machine on the local computer
system.

21. (Previously presented) The computer-readable storage medium of
claim 20, wherein sending the password or the function of the password to the
application to the remote computer system involves:

communicating the password to the platform-independent applet; and

allowing the platform-independent applet to forward the password to the
application on the remote computer system.

22. (Previously presented) The computer-readable storage medium of
claim 20, wherein the platform-independent applet is a signed
platform-independent applet, and wherein authenticating the request includes
authenticating the platform-independent applet's certificate chain.

23. (Original) The computer-readable storage medium of claim 18, 
wherein authenticating the request involves authenticating a creator of the request. 

24 (Canceled). 

25. (Original) The computer-readable storage medium of claim 18, 
wherein the method further comprises, if the password store is being accessed for 
the first time, 

prompting a user for a single sign on password for the password store; and 
using the single sign on password to open the password store. 

26. (Original) The computer-readable storage medium of claim 25, 
wherein if a time out period for the password store expires, the method further 
comprises: 

prompting the user again for the single sign on password for the password 
store; and 

using the single sign on password to open the password store. 

27. (Previously presented) The computer-readable storage medium of 
claim 18, wherein if the password store is being accessed for the first time, the 
method further comprises authenticating the user through an authentication
mechanism, wherein the authentication mechanism includes one of: 
a smart card; 

a biometric authentication mechanism; and 
a public key infrastructure. 

28. (Original) The computer-readable storage medium of claim 18, 
wherein if the password does not exist in the password store, the method further 
comprises: 

adding the password to the password store; and 

sending the password to the application on the remote computer system. 

29. (Original) The computer-readable storage medium of claim 28, 
wherein adding the password to the password store further comprises 
automatically generating the password. 

30. (Original) The computer-readable storage medium of claim 28, 
wherein adding the password to the password store further comprises asking a 
user to provide the password. 

31. (Original) The computer-readable storage medium of claim 18, 
wherein the method further comprises decrypting data in the password store prior 
to looking up the password in the password store. 

32. (Original) The computer-readable storage medium of claim 18, 
wherein the password store is located on a second remote computer system. 

33. (Previously presented) The computer readable storage medium of
claim 18, wherein the password store is located on one of: 

a local smart card; 

a removable storage medium; and 

a memory button. 

34. (Canceled). 

35. (Currently amended) An apparatus that facilitates accessing a plurality 
of applications that require passwords, comprising: 

a receiving mechanism that receives a request for a password from an 
application running on a remote computer system, the request being received at a 
local computer system, wherein the request for the password includes computer
code that when run on the local computer system requests the password on behalf
of the application on the remote computer system;

an authentication mechanism that authenticates the request as originating 
from a trusted source, wherein the authentication mechanism is configured to 
authenticate the remote computer system that sent the request by verifying a 
digital signature and certificate chain for the remote computer system, thereby
determining if the node is authorized to access the application;

a lookup mechanism that uses an identifier for the application to look up 
the password for the application in a password store containing a plurality of 
passwords associated with the plurality of applications, wherein the plurality of 
passwords allows a different password to be used with each application of the 
plurality of applications; and 

a forwarding mechanism that sends the password to the application on the 
remote computer system if the password exists in the password store; and

a password changing mechanism that is configured to:

receive a request to change the password from the application on
the remote computer system;

automatically generate a replacement password;

store the replacement password in the password store; and to

forward the replacement password to the application on the remote
computer system.

36. (Cancelled) 

37. (Currently amended) The apparatus of claim 35 claim 58, wherein the
computer code is in the form of a platform-independent applet that runs on a 
platform-independent virtual machine on the local computer system. 

38. (Previously presented) The apparatus of claim 37, wherein the 
forwarding mechanism is configured to send the password to the application on 
the remote computer system by: 

communicating the password to the platform-independent applet; and 
allowing the platform-independent applet to forward the password to the 
application on the remote computer system. 

39. (Previously presented) The apparatus of claim 37, wherein the 
platform-independent applet is a signed platform-independent applet, and wherein 
the authentication mechanism is configured to authenticate a certificate chain. 

40. (Original) The apparatus of claim 35, wherein the authentication 
mechanism is configured to authenticate a creator of the request. 

41 (Canceled). 

42. (Original) The apparatus of claim 35, wherein if the password store is
being accessed for the first time, the lookup mechanism is configured to: 

prompt a user for a single sign on password for the password store; and to 
use the single sign on password to open the password store. 

43. (Original) The apparatus of claim 42, wherein if a time out period for 
the password store expires, the lookup mechanism is configured to: 

prompt the user again for the single sign on password for the password 
store; and to 

use the single sign on password to open the password store. 

44. (Previously presented) The apparatus of claim 35, wherein if the 
password store is being accessed for the first time, the lookup mechanism is 
configured to authenticate the user through an authentication mechanism, wherein 
the authentication mechanism includes one of: 

a smart card; 

a biometric authentication mechanism; and 
a public key infrastructure. 

45. (Original) The apparatus of claim 35, further comprising an insertion 
mechanism, wherein if the password does not exist in the password store the 
insertion mechanism is configured to: 

add the password to the password store; and to 

send the password to the application on the remote computer system. 

46. (Original) The apparatus of claim 45, wherein the insertion mechanism 
is additionally configured to automatically generate the password. 

47. (Original) The apparatus of claim 45, wherein the insertion mechanism
is additionally configured to ask a user to provide the password. 

48. (Original) The apparatus of claim 35, further comprising a decryption 
mechanism that is configured to decrypt data in the password store. 

49. (Original) The apparatus of claim 35, wherein the password store is 
located on a second remote computer system. 

50. (Previously presented) The apparatus of claim 35, wherein the 
password store is located on one of: 

a local smart card; 

a removable storage medium; and 

a memory button. 

51. (Canceled)

52. (Currently amended) A method for facilitating access to a plurality of 
applications that require passwords, comprising: 

receiving a request to look up a password at a password server, wherein
the request is received from computer code running on the client that requests the
password on behalf of the application;

authenticating the request as originating from a trusted source, wherein
authenticating the request involves authenticating the remote computer system
that sent the request by verifying a digital signature and certificate chain for the
remote computer system, thereby determining if the node is authorized to access
the application;

wherein the request is received from a client and includes an identifier for
an application requesting the password from the client;

using the identifier for the application to look up the password for the
application in a password store containing a plurality of passwords associated with
the plurality of applications, wherein the plurality of passwords allows a different
password to be used with each application of the plurality of applications; and

if the password exists in the password store, sending the password or a
function of the password to the client, so that the client can present the password
to the application;

receiving a second request from the client to change the password at the
password server;

automatically generating a replacement password;

storing the replacement password in the password store; and

forwarding the replacement password or the password to the client.

53. (Cancelled)

54. (Currently amended) The method of claim 52 claim 59, wherein the
computer code is in the form of a platform-independent applet that runs on a
platform-independent virtual machine on the client.

55. (Currently amended) A server that distributes code for facilitating
access to a plurality of applications that require passwords, wherein the code
operates by:

receiving a request for a password from an application running on a
remote computer system, the request being received at a local computer system,
wherein the request includes computer code that when run on the local computer
system requests the password on behalf of the application on the remote computer
system;

authenticating the request as originating from a trusted source, wherein
authenticating the request involves authenticating the remote computer system
that sent the request by verifying a digital signature and certificate chain for the
remote computer system, thereby determining if the node is authorized to access
the application;

using an identifier for the application to look up the password for the
application in a password store containing a plurality of passwords associated with
the plurality of applications, wherein the plurality of passwords allows a different
password to be used with each application of the plurality of applications; and

if the password exists in the password store, sending the password or a
function of the password to the application on the remote computer system;

receiving a second request to change the password from the application on
the remote computer system;

automatically generating a replacement password;

storing the replacement password in the password store; and

forwarding the replacement password or the password function to the
application on the remote computer system.

56. (New) The method of claim 1, wherein the request for the password
includes computer code that when run on the local computer system requests the
password on behalf of the application on the remote computer system.

57. (New) The computer-readable storage medium of claim 18, wherein
the request for the password includes computer code that when run on the local
computer system requests the password on behalf of the application on the remote
computer system.

58. (New) The apparatus of claim 35, wherein the request for the password
includes computer code that when run on the local computer system requests the
password on behalf of the application on the remote computer system.

59. (New) The method of claim 52, wherein the request is received from
computer code running on the client that requests the password on behalf of the
application.